eCPPT certification and programming skills




Posts: 1

Joined: Tue May 24, 2011 12:56 am

Post Tue May 24, 2011 1:46 am

eCPPT certification and programming skills

Hello everyone,
I am new to this forum.
First of all,I would like to brief you about me.I am a CISA  with 7 years of working experience:4 in Information security and audit and 3 as a windows support and network administrator.
I should add that I have  very basic programming skills.
Lately,I found out about eCPPT but  noticed that passing and understanding the course requires some development background.
Such fact made me think twice before applying to the course or to OSCP.
Therefore,I would really appreciate to hear or to know the opinion of someone who had similar experience.
What should I do in case i decided to take the ecppt?What are the required programming skills?what books should I read before applying to eCPPT?

NB:I am currently preparing myself to take the CEH.
Thanks for your replies



User avatar

Jr. Member
Jr. Member

Posts: 93

Joined: Sun Sep 13, 2009 11:15 am

Location: Italy

Post Wed May 25, 2011 8:37 am

Re: eCPPT certification and programming skills

Of course I'm biased but I'm also the most informed  ;D

Our course requires a basic understanding of C++/ASM as in some modules (Buffer overflow, Shellcoding and Rootkit coding) there's absolutely need for them. Now,the question is: what level of understanding is required?

If you don't want to code your own exploits, or you don't want to be too hardcore on system security, you would only need to "read" the code and understand what's going on. I'm sure you would benefit from it anyway.
I see plenty of pentesters today not having any basics of C++/ASM and working in the field.

Another language that you may encounter during the course is PHP. We offer snippets of code to explain vulnerabilities. Once again, "reading" is enough.

To pass the certification, it is not required any programming skill.

P.S. From what I see 50% of our students never coded C++ but they find the Buffer overflow and Shellcoding modules "enlightening" to say the least.

Hope this clarifies your concern
Founder and Lead Author of eLearnSecurity
Training for Penetration Testers

Founder of HACK.ME Free community based web app security virtual labs


User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Sat May 28, 2011 12:39 am

Re: eCPPT certification and programming skills

Being an eCPPT I completely agree with Armando that you don't need to be a programmer to complete the course but you still should be able to understand the code. Most of the php required for the course can be easily learned from w3schools.com http://www.w3schools.com/php/default.asp

But, to get the most out of the course, I would suggest that you learn enough php to be able to set up a basic website, prior to joining the course. Learning vulnerabilities without understanding the language gives you an abstract view of that vulnerability. If your objective of joining the course is to LEARN and not just to earn one more certification than I would definitely suggest learning enough PHP and C (Focus on pointers) before starting web application and system security modules.

You can even start the course and learn PHP and C alongside. In that case I would suggest starting out with network security module first as it doesn't require ant programming skills and learn PHP or C side by side. Then, once you're comfortable with PHP or C, you can jump to web application or system security modules.

What should I do in case i decided to take the ecppt?What are the required programming skills?

I didn't know any PHP when I passed the certificate exam.

what books should I read before applying to eCPPT?

'The Web Application Hacker's Handbook' will be a good companion.
Other books I read/consulted:
Counter Hack Reloaded by Ed Skoudis.
The Shellcoder's Handbook.



Posts: 38

Joined: Mon Nov 01, 2010 2:41 pm

Post Sun Jun 12, 2011 5:49 pm

Re: eCPPT certification and programming skills

From the point of view about the books. I would say that you also read these while you study, its what I did and found them useful for areas at the time I felt a bit weak on.

I also recommend using the forums, there is quite a bit of useful information and questions/reply that I also learned things from and really helped me to develop a better understanding.

Never been the flamin type.

Return to eCPPT - eLearnSecurity Certified Professional Penetration Tester

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software